package com.shine;

import com.shine.realm.CustomerMd5Realm;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.subject.Subject;

import java.util.Arrays;

public class TestCustomerMd5RealmAuthenticator {

    public static void main(String[] args) {

        //1.创建安全管理对象 securityManager
        DefaultSecurityManager securityManager = new DefaultSecurityManager();

        //-------2.给安全管理器设置realm（设置为自定义realm获取认证数据）-----
        CustomerMd5Realm customerMd5Realm = new CustomerMd5Realm();
        HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
        //设置hash凭证匹配器的算法md5
        hashedCredentialsMatcher.setHashAlgorithmName("md5");
        //设置md5加密后散列次数
        hashedCredentialsMatcher.setHashIterations(1024);
        //设置realm使用hash凭证匹配器
        customerMd5Realm.setCredentialsMatcher(hashedCredentialsMatcher);
        //注入realm
        securityManager.setRealm(customerMd5Realm);

        //3.给安装工具类中设置默认安全管理器
        SecurityUtils.setSecurityManager(securityManager);
        //4.获取主体对象subject
        Subject subject = SecurityUtils.getSubject();
        //5.创建token令牌
        UsernamePasswordToken token = new UsernamePasswordToken("zhangsan", "123");
        //6.用户登录认证
        try {
            subject.login(token);
            System.out.println("登录成功~~");
        } catch (UnknownAccountException e) {
            e.printStackTrace();
            System.out.println("用户名错误!!");
        } catch (IncorrectCredentialsException e) {
            e.printStackTrace();
            System.out.println("密码错误!!!");
        }


        //7.认证用户进行授权
        if (subject.isAuthenticated()) {
            //基于角色权限控制
            System.out.println(subject.hasRole("admin"));
            //基于多角色的权限控制
            System.out.println(subject.hasAllRoles(Arrays.asList("admin", "user")));//true
            System.out.println(subject.hasAllRoles(Arrays.asList("admin", "manager")));//false
            //是否具有其中一个角色
            boolean[] booleans = subject.hasRoles(Arrays.asList("admin", "user", "manager"));
            for (boolean aBoolean : booleans) {
                System.out.println(aBoolean);
            }

            System.out.println("==========这是一个分隔符==========");

            //基于权限字符串的访问控制  资源标识符：操作：资源类型
            //用户具有的权限 user:*:01  product:*
            System.out.println("权限:"+subject.isPermitted("user:update:01"));
            System.out.println("权限:"+subject.isPermitted("product:update:02"));

            //分别具有哪些权限
            boolean[] permitted = subject.isPermitted("user:*:01", "user:update:02");
            for (boolean b : permitted) {
                System.out.println(b);
            }

            //同时具有哪些权限
            boolean permittedAll = subject.isPermittedAll("product:*:01", "product:update:03");
            System.out.println(permittedAll);
        }
    }
}
